修复ssl session缓存中对openssl的不正确使用。

1 files changed, 27 insertions, 18 deletions

diff --git a/platform/src/ssl_sess_cache.cpp b/platform/src/ssl_sess_cache.cpp
index 6c8bd4b..73c9821 100644
--- a/platform/src/ssl_sess_cache.cpp
+++ b/platform/src/ssl_sess_cache.cpp
@@ -7,11 +7,11 @@
 #include <MESA/MESA_htable.h>
 #include <MESA/field_stat2.h>
 
-#define    SESS_CACHE_NOT_FOUND            -1
-#define    SESS_CACHE_FOUND                0
-#define SESS_CACHE_UPDATE_OLD        1
-#define SESS_CACHE_ADD_NEW            2
-#define SESS_CACHE_INVALID            3
+#define		SESS_CACHE_NOT_FOUND		-1
+#define		SESS_CACHE_FOUND			0
+#define 	SESS_CACHE_UPDATE_OLD		1
+#define		SESS_CACHE_ADD_NEW			2
+#define		SESS_CACHE_INVALID			3
 
 struct asn1_sess
 {
@@ -45,25 +45,34 @@ static struct asn1_sess * ssl_sess_serialize(SSL_SESSION * sess)
 {
 	struct asn1_sess * result = ALLOC(struct asn1_sess, 1);
 
-	int __i2d_size = i2d_SSL_SESSION(sess, NULL);
-	result->size = (size_t) __i2d_size;
-	assert(__i2d_size > 0);
+	int i = i2d_SSL_SESSION(sess, NULL), j=0;
+	result->size = (size_t) i;
+	unsigned char* temp=NULL;
+	assert(i > 0);
 
 	/* When using i2d_SSL_SESSION(), the memory location pointed to by pp must be large enough to
 	 * hold the binary representation of the session. There is no known limit on the size of the
 	 * created ASN1 representation, so the necessary amount of space should be obtained by first
 	 * calling i2d_SSL_SESSION() with pp=NULL, and obtain the size needed,
-	 * then allocate the memory and call i2d_SSL_SESSION() again.*/
-
-	result->buff = ALLOC(unsigned char, result->size);
-	i2d_SSL_SESSION(sess, &(result->buff));
+	 * then allocate the memory and call i2d_SSL_SESSION() again.
+	 *Note that this will advance the value contained in *pp so it is necessary to save a copy of the original allocation.*/
+	result->buff = temp = ALLOC(unsigned char, result->size);
+	
+	j=i2d_SSL_SESSION(sess, &(temp));
+	assert(i == j);
+	assert(result->buff + i == temp);
 	return result;
 }
 
 static SSL_SESSION * ssl_sess_deserialize(const struct asn1_sess * asn1)
 {
 	SSL_SESSION * sess = NULL;
-	d2i_SSL_SESSION(&sess, (const unsigned char **) &(asn1->buff), (long) asn1->size); /* increments asn1 */
+	
+	const unsigned char *p=asn1->buff;
+	/* i2d_SSL_SESSION increments the pointer pointed to by p to point one byte after the saved data 
+	 * We save the pointer first.*/
+	sess=d2i_SSL_SESSION(NULL, &(p), (long) asn1->size); /* increments asn1 */
+	assert(sess!=NULL);
 	return sess;
 }
 
@@ -188,7 +197,7 @@ void up_session_set(struct sess_cache * cache, struct sockaddr * addr, socklen_t
 	struct asn1_sess * asn1 = NULL;
 	asn1 = ssl_sess_serialize(sess);
 
-	struct sess_set_args set_args{.hash = cache->hash, .new_sess = asn1};
+	struct sess_set_args set_args={.hash = cache->hash, .new_sess = asn1};
 	MESA_htable_search_cb(cache->hash, key, key_size, sess_cache_set_cb, &set_args, &cb_ret);
 	if (cb_ret == SESS_CACHE_UPDATE_OLD)
 	{
@@ -211,7 +220,7 @@ SSL_SESSION * up_session_get(struct sess_cache * cache, struct sockaddr * addr,
 	MESA_htable_search_cb(cache->hash, key, key_size, sess_cache_get_cb, &sess, &cb_ret);
 	free(key);
 	key = NULL;
-	if (cb_ret == 1)
+	if (cb_ret == SESS_CACHE_FOUND)
 	{
 		ATOMIC_INC(&(cache->hit_cnt));
 		return sess;
@@ -238,9 +247,9 @@ void down_session_set(struct sess_cache * cache, const SSL_SESSION * sess)
 	*/
 
 	const unsigned char * id = SSL_SESSION_get_id(sess, &idlen);
-	struct sess_set_args set_args{.hash = cache->hash, .new_sess = asn1};
+	struct sess_set_args set_args={.hash = cache->hash, .new_sess = asn1};
 
-	MESA_htable_search_cb(cache->hash, id, (unsigned int) idlen, sess_cache_set_cb, &set_args, &cb_ret);
+	MESA_htable_search_cb(cache->hash, id, idlen, sess_cache_set_cb, &set_args, &cb_ret);
 	if (cb_ret == SESS_CACHE_UPDATE_OLD)
 	{
 		ssl_sess_free_serialized(asn1);
@@ -254,7 +263,7 @@ SSL_SESSION * down_session_get(struct sess_cache * cache, const unsigned char *
 	long cb_ret = 0;
 	assert(cache->served_for == CONN_DIR_DOWNSTREAM);
 	MESA_htable_search_cb(cache->hash, id, (unsigned int) idlen, sess_cache_get_cb, &sess, &cb_ret);
-	if (cb_ret == 1)
+	if (cb_ret == SESS_CACHE_FOUND)
 	{
 		ATOMIC_INC(&(cache->hit_cnt));
 		return sess;